Oracle Java SE Critical Patch Update Announcement – June 2013

Original release date: June 18, 2013

Oracle has released a June 2013 Critical Patch Update for Oracle Java SE. This Critical Patch Update is a collection of patches for multiple security vulnerabilities in Oracle Java SE. The update contains 40 new security vulnerability fixes, including a patch for Oracle JavaDoc frame injection vulnerability VU#225657. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible.

The following versions of Oracle Java SE are affected:

  • JDK and JRE 7 Update 21 and earlier
  • JDK and JRE 6 Update 45 and earlier
  • JDK and JRE 5.0 Update 45 and earlier
  • JavaFX 2.2.21 and earlier

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.

This product is provided subject to this Notification and this Privacy & Use policy.